CVE-2025-21850Infinite Loop in Linux

CWE-835Infinite Loop5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 99.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedMar 12

Description

In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protects pending I/O, and we can only safely diable the namespace once the counter drop to zero. Otherwise we end up with a crash when running blktests/nvme/058 (eg for loop transport): [ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI [ 2352.930431] [ T53909]

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel6.136.13.5+1
CVEListV5linux/linux74d16965d7ac378d28ebd833ae6d6a097186a4eccc0607594f6813342b27c752c6fb6f6eb9980cb5+2
debiandebian/linux

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-cq9m-7482-xq9j: In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter prote2025-03-12
OSV
CVE-2025-21850: In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protect2025-03-12

📋Vendor Advisories

2
Red Hat
kernel: nvmet: Fix crash when a namespace is disabled2025-03-12
Debian
CVE-2025-21850: linux - In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix ...2025
CVE-2025-21850 — Infinite Loop in Linux | cvebase